Mandate
Security checks across malware telemetry and agentic risk
Overview
Mandate appears to be a coherent wallet safety gate, but it sits in the approval path for sensitive transactions, sends transaction-intent details to Mandate's hosted API, and recommends optional plugins and payment flows that users should enable deliberately rather than by default.
Install only if you want Mandate to act as a wallet transaction policy gate. Protect the MANDATE_RUNTIME_KEY, review what transaction details are sent to Mandate, verify any optional plugin packages before installing them, and treat the x402 pay-per-call path with care because it can spend USDC on validation requests.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Mandate can influence whether wallet transactions proceed, and the runtime key should be treated as sensitive.
The skill depends on a Mandate runtime credential and places Mandate in the approval path for wallet transactions. That is expected for spend-limit enforcement, but it is high-impact financial authority.
Auth: Authorization: Bearer <MANDATE_RUNTIME_KEY> ... You MUST validate with Mandate BEFORE calling the wallet API.
Use a properly scoped Mandate runtime key, keep it secret (out of logs, shell history and agent transcripts), rotate it if exposed, and confirm the approval policies actually in force before enabling wallet automation.
Mandate may receive details about intended transfers, swaps, amounts, recipients, and reasons.
The validation workflow sends transaction intent details such as action, reason, amount, and recipient to Mandate's external API. This is disclosed and central to the policy-check purpose, but it is sensitive financial metadata.
curl -X POST https://app.mandate.md/api/validate ... -d '{"action":"swap","reason":"Swap 0.1 ETH for USDC","amount":"50","to":"0xAlice"}'
Only use the service if you are comfortable sharing transaction-intent metadata with Mandate, and review the provider's privacy and retention terms. Note that the documented amount field is unit-less ("50" alongside a reason describing a 0.1 ETH swap), so confirm which unit and currency the policy evaluates before relying on its spend limits.
Installing the recommended plugin could give additional code the ability to observe or block wallet-related tool calls.
The skill recommends installing external plugins with hooks that intercept financial tool calls, but those plugin packages are not part of the reviewed instruction-only artifact set.
openclaw plugins install @mandate.md/mandate-openclaw-plugin ... Hooks auto-intercept Locus, Bankr, Sponge, and any swap/transfer/send tool call.
Before installing optional plugins, verify the package source, publisher and version, pin the version you reviewed, read its documentation, and review the plugin code separately if possible, since it will see every intercepted transaction.
If the x402 path is used, validation calls may spend small amounts of USDC.
The artifact documents an optional validation path that can require wallet-signed micropayments. Pricing is disclosed, but unattended or repeated use would incur recurring costs from the signing wallet.
x402 Pay-Per-Call ... Pricing: /validate = $0.10, /validate/preflight = $0.05 ... Sign with @x402/fetch, retry with PAYMENT-SIGNATURE header -> 200.
Prefer the configured runtime-key flow unless you intentionally want pay-per-call validation, and set wallet spending limits for any automated x402 usage.
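A fail-closed gate that combines the two rules above (validate with Mandate before the wallet API is touched, and treat the x402 path as opt-in under a spend cap), written as an added example for this review rather than code from the Mandate skill or its plugin. The URL, Bearer header, request fields and per-call prices are the ones quoted from the SKILL.md above; everything else is assumed: the JSON response shape {"approved": bool, "reason": str}, an injected transport function so the code runs offline against a constructed stand-in for app.mandate.md, and a stub in place of the @x402/fetch wallet signature.

```python
"""Fail-closed wallet gate: validate an intent with Mandate before any wallet call.

Added example for this review, not code from the Mandate skill or plugin.
Assumed (not taken from the page): the JSON response shape {"approved", "reason"},
the injected transport interface, and the x402 signing stub. The URL, header,
request fields and prices come from the snippets quoted above.
"""
import os
from dataclasses import dataclass
from typing import Callable, Dict, Tuple

MANDATE_VALIDATE_URL = "https://app.mandate.md/api/validate"
X402_PRICE_USD = {"/api/validate": 0.10, "/api/validate/preflight": 0.05}  # disclosed pricing

# transport(url, headers, json_body) -> (http_status, json_response). Injected so the
# example runs offline; a real deployment would wrap requests/httpx here.
Transport = Callable[[str, Dict[str, str], Dict[str, str]], Tuple[int, Dict[str, object]]]


class GateRejected(Exception):
    """Raised whenever the wallet call must NOT proceed (deny, error, no key, no budget)."""


@dataclass
class X402Budget:
    enabled: bool = False   # pay-per-call is opt-in; the runtime-key flow is the default
    cap_usd: float = 0.0    # hard ceiling for validation spend in this session
    spent_usd: float = 0.0


def build_intent(action: str, reason: str, amount: str, to: str) -> Dict[str, str]:
    """Only the four fields the skill discloses are sent; nothing else leaves the process."""
    if action not in {"swap", "transfer", "send"}:
        raise ValueError(f"unsupported action {action!r}")
    return {"action": action, "reason": reason, "amount": str(amount), "to": to}


def redact(headers: Dict[str, str]) -> Dict[str, str]:
    """Safe-to-log copy of headers: the bearer token never reaches logs or transcripts."""
    return {k: ("Bearer ***" if k == "Authorization" else v) for k, v in headers.items()}


def validate_with_mandate(intent, transport, budget=None, sign_payment=None, runtime_key=None):
    budget = budget or X402Budget()
    key = runtime_key if runtime_key is not None else os.environ.get("MANDATE_RUNTIME_KEY")
    if not key:
        raise GateRejected("MANDATE_RUNTIME_KEY missing; refusing to skip validation")
    headers = {"Authorization": f"Bearer {key}", "Content-Type": "application/json"}
    try:
        status, body = transport(MANDATE_VALIDATE_URL, headers, intent)
    except Exception as exc:  # network/parse failure: fail closed, never fall through to the wallet
        raise GateRejected(f"Mandate unreachable: {type(exc).__name__}") from exc
    if status == 402:
        # x402 pay-per-call path: retry with a signed payment only if explicitly enabled and under cap.
        price = X402_PRICE_USD["/api/validate"]
        if not budget.enabled or sign_payment is None:
            raise GateRejected("server asked for x402 payment but pay-per-call is disabled")
        if budget.spent_usd + price > budget.cap_usd + 1e-9:
            raise GateRejected("x402 spend cap reached; not paying for more validations")
        paid = dict(headers, **{"PAYMENT-SIGNATURE": sign_payment(body)})
        status, body = transport(MANDATE_VALIDATE_URL, paid, intent)
        if status == 200:
            budget.spent_usd += price
    if status != 200:
        raise GateRejected(f"validation returned HTTP {status} (headers: {redact(headers)})")
    if body.get("approved") is not True:  # anything but an explicit True is a deny
        raise GateRejected(f"denied by policy: {body.get('reason', 'no reason given')}")
    return body


def gated_wallet_call(intent, wallet_call, **gate_kwargs):
    """The only route to the wallet: validation first, wallet second."""
    validate_with_mandate(intent, **gate_kwargs)
    return wallet_call(intent)


# --- constructed offline stand-in for app.mandate.md, used only to exercise the gate ---
def fake_mandate(limit_usd: float = 100.0, require_payment: bool = False) -> Transport:
    def transport(url, headers, body):
        if not headers.get("Authorization", "").startswith("Bearer "):
            return 401, {"error": "missing bearer token"}
        if require_payment and "PAYMENT-SIGNATURE" not in headers:
            return 402, {"accepts": [{"price": "0.10", "asset": "USDC"}]}  # shape assumed
        ok = float(body["amount"]) <= limit_usd
        return 200, {"approved": ok, "reason": "within policy" if ok else "exceeds spend limit"}
    return transport


def fake_sign_payment(payment_required: Dict[str, object]) -> str:
    """Stub for the @x402/fetch wallet signature; a real signer would spend USDC here."""
    return "sig:" + str(payment_required.get("accepts"))


if __name__ == "__main__":
    sent = []
    intent = build_intent("swap", "Swap 0.1 ETH for USDC", "50", "0xAlice")
    gated_wallet_call(intent, sent.append, transport=fake_mandate(), runtime_key="demo-key")
    print("approved, wallet called:", sent)
    try:
        gated_wallet_call(build_intent("transfer", "payroll", "5000", "0xBob"), sent.append,
                          transport=fake_mandate(), runtime_key="demo-key")
    except GateRejected as e:
        print("blocked:", e, "| wallet calls still:", len(sent))
```

The design choice worth copying is that every non-approval outcome (missing key, network error, 402 without an opted-in budget, cap exhausted, non-200, or anything other than an explicit approved: true) raises before wallet_call is reachable, and the spend counter only advances when a paid retry actually returns 200.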
